Access Restriction Bypass

Affecting org.apache.tomcat:tomcat-catalina artifact, versions [7.0.0,7.0.68), [8,8.0.31), [9-alpha,9.0.0.M2)

Do your applications use this vulnerable package? Test your applications

Overview

org.apache.tomcat:tomcat-catalina The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.

References

CVSS Score

6.3
medium severity
  • Attack Vector
    Network
  • Attack Complexity
    Low
  • Privileges Required
    Low
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    Low
  • Integrity
    Low
  • Availability
    Low
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Credit
Unknown
CVE
CVE-2016-0763
CWE
CWE-264
Snyk ID
SNYK-JAVA-ORGAPACHETOMCAT-30917
Disclosed
22 Feb, 2016
Published
22 Feb, 2016